[navyrain]

I think you're right that UX and good security are often at odds, but I wouldn't go so far as to say that they _must_.

I view the current state of security in applications a a result of two forces: 1) The human dynamics of the roles involved: The disciplines of security and user interface design overlap very infrequently, and very rarely done alongside one another, collaboratively; one always tends to drive the other. For user-friendly and secure communication software to be written in an open source environment, too many stars have to align. 2) The market value of data: Software which can be monitored, and data of its users aggregated, analyzed, acted upon, and sold is more lucrative than making something which is truly secure, even from the authors.

I believe usable encryption is possible, but I don't expect it to come from grassroots open source efforts, nor from the big market players. If anyone, I expect to see it come a collaboration between large non-profits (such as Mozilla, EFF), and universities. In the current environment, they're one of the few with sufficient resources, organization, and motivation to get it done.